package com.store.web.security;

import javax.servlet.http.HttpServletRequest;

import org.apache.struts2.ServletActionContext;

import com.opensymphony.xwork2.ActionSupport;
import com.ross.web.dao.UsersDAO;
import com.ross.web.domain.Users;
import com.ross.web.util.Encrypter;
import com.ross.web.util.SessionLogout;

public class ChangePasswordAction extends ActionSupport {
	
	private String oldPwd;
	private String newPwd;
	private String confirmNewPwd;
	
	private SessionLogout sessionLogout = new SessionLogout();
	private Encrypter e = new Encrypter();
	private HttpServletRequest request = ServletActionContext.getRequest();
	
	UsersDAO usersDAO = new UsersDAO();
	
	public String goToChangePasswordAction(){
		
		if (sessionLogout.SessionExpired()) {
			addActionMessage("Session already expired");
			return "sessionExpired";
		}
		
		return SUCCESS;
	}
	
	public String doChangePasswordAction(){
		
		if (sessionLogout.SessionExpired()) {
			addActionMessage("Session already expired");
			return "sessionExpired";
		}
		
		if(!validateInputs()){
			return ERROR;
		}else{
			doChangePassword();
		}
		
		return SUCCESS;
	}
	
	private boolean validateInputs(){
		
		Users ua = (Users) request.getSession().getAttribute("userAccess");
		String currentOldPwd = e.decrypt(ua.getPassword());
		
		if(oldPwd.trim().length() == 0){
			addActionError(getText("error.changepassword.oldpwdrequired"));
		}else if(!currentOldPwd.equals(oldPwd)){
			addActionError(getText("error.changepassword.invalidOldPwd"));
		}
		
		if(newPwd.trim().length() == 0){
			addActionError(getText("error.changepassword.newpasswordrequired"));
		}else if(newPwd.trim().length() < 5){
			addActionError(getText("error.changepassword.minimumpwdlength"));
		}
		
		if(confirmNewPwd.trim().length() == 0){
			addActionError(getText("error.changepassword.confirmrequired"));
		}
		
		if(!newPwd.equals(confirmNewPwd)){
			addActionError(getText("error.changepassword.notmatch"));
		}
		
		if(oldPwd.length() > 30 || newPwd.length() > 30 || confirmNewPwd.length() > 30){
			addActionError(getText("error.changepassword.exceedlimit"));
		}
		
		if(this.hasActionErrors()){
			return false;
		}else{
			return true;
		}
	}
	
	private void doChangePassword(){
		Users user = (Users) request.getSession().getAttribute("userAccess");
		user = usersDAO.getUsersById(user.getUserid());
		String newpassword = e.encrypt(newPwd);
		user.setPassword(newpassword);
		try {
			usersDAO.update(user);
			addActionMessage(getText("success.changepassword"));
		} catch (Exception e1) {
			e1.printStackTrace();
		}
		
		
	}

	public String getOldPwd() {
		return oldPwd;
	}

	public void setOldPwd(String oldPwd) {
		this.oldPwd = oldPwd;
	}

	public String getNewPwd() {
		return newPwd;
	}

	public void setNewPwd(String newPwd) {
		this.newPwd = newPwd;
	}

	public String getConfirmNewPwd() {
		return confirmNewPwd;
	}

	public void setConfirmNewPwd(String confirmNewPwd) {
		this.confirmNewPwd = confirmNewPwd;
	}
	
	

}
